package com.bright.ghj.overt.config;

import com.bright.ghj.overt.cas.CasUserDetailsServiceImpl;
import com.bright.ghj.user.cas.CasAuthenticationEntryPointImpl;
import com.bright.ghj.user.config.AbstractWebSecurityCasConfig;
import com.bright.ghj.user.properties.CasProperties;
import com.bright.ghj.user.security.Cas20ProxyTicketValidatorExt;
import com.bright.ghj.user.security.CasAuthenticationProviderExt;
import com.bright.ghj.common.util.StringUtil;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.web.CasAuthenticationFilter;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.core.GrantedAuthorityDefaults;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy;

import java.util.Arrays;
import java.util.List;

/**
 * @Author txf
 * @Date 2022/6/24 15:42
 * @Author hxj
 * @Date 2024/11/25
 * @Description
 */
@Configuration
public class WebSecurityCasConfig extends AbstractWebSecurityCasConfig {


    @Autowired
    public WebSecurityCasConfig(CasProperties casProperties, CasAuthenticationEntryPointImpl casAuthenticationEntryPoint, CasUserDetailsServiceImpl casUserDetailsService) {
        super.casProperties = casProperties;
        super.casAuthenticationEntryPoint = casAuthenticationEntryPoint;
        super.casUserDetailsService = casUserDetailsService;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        List<String> permitAllPatterns =
                Arrays.asList("/doc.html", "/login", "/send", "/static/**" //, "/**"
                        , "/getPublicData", "/test/docking/**" // 第三方对接放行
                        );
        configureHttpSecurity(http, permitAllPatterns,
                casAuthenticationFilter(serviceProperties(), sessionAuthenticationStrategy()),
                onlineUserFilter(), casLogoutFilter(), singleSignOutFilter());
    }


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        configureAuth(auth, casAuthenticationProvider(serviceProperties(), cas20ServiceTicketValidator()));
    }

}
